Beyond Compare License Key Has Been Revoked
Hey John, I only mentioned the web API because I wasn't sure if you were checking from your webservers. But it sounds like you're checking from the end-user side, in which case you must use IsGenuine.
The problem isn't that it's expensive with our servers. The problem is that not everyone has flawless internet connections. For instance, let's say your service checks if it's genuine on the customer's machine and their internet is down - what happens? Do you punish the user because they have flaky internet (that is, IsGenuine returns TAEINET)? I think checking every 24hours (or every restart) is a bit drastic. Checking every week is more reasonable. Sure, if you revoke a product key the revocation won't be immediate, but at most they get a few days of extra usage.
Checking once a month is my recommendation. My main concern is that you must consider end-user experience. For instance, let's say their internet is down for whatever reason (lightning storm, natural disaster, bob from accounting tripped over the ethernet cords), and they restart their computers. The last thing you want to do is compound their problem by disabling your app because it can't connect to the internet. Also you need to consider cases where users are explicitly blocking the internet connection (either just to wyday or for your whole kernel driver). So your calls to IsGenuine must be prepared to gracefully back off until some hard limit is reached.
So let's say you've reached the time of month to call IsGenuine and it fails to contact wyday. Instead of disabling your app immediately, notify the user that they need to unblock the internet to your app, and try again every day for the next week.
If the connection still fails after a week of retrying, then disable your app and notify the user. Of course there are reasons to check sooner. For instance, let's say you have a feature value that contains some date url=updateexpires/url:3j9sxy2h. If the date in updateexpires has been reached you might want to call IsGenuine to check if their is new feature data to download. Does this make sense? Site Admin Posts: 5509 Joined: July 11th, 2007, 10:30 pm Location: New Hampshire.
When I originally wrote this answer it was under an assumption that the question was regarding 'offline' validation of licence keys. Most of the other answers address online verification, which is significantly easier to handle (most of the logic can be done server side). Check tis article on which covers the following requirements:.
License keys must be easy enough to type in. We must be able to blacklist (revoke) a license key in the case of chargebacks or purchases with stolen credit cards. No “phoning home” to test keys. Although this practice is becoming more and more prevalent, I still do not appreciate it as a user, so will not ask my users to put up with it. It should not be possible for a cracker to disassemble our released application and produce a working “keygen” from it. This means that our application will not fully test a key for verification.
Only some of the key is to be tested. Further, each release of the application should test a different portion of the key, so that a phony key based on an earlier release will not work on a later release of our software. Important: it should not be possible for a legitimate user to accidentally type in an invalid key that will appear to work but fail on a future version due to a typographical error. I've not got any experience with what people actually do to generate CD keys, but (assuming you're not wanting to go down the road of online activation) here are a few ways one could make a key:. Require that the number be divisible by (say) 17. Trivial to guess, if you have access to many keys, but the majority of potential strings will be invalid. Similar would be requiring that the checksum of the key match a known value.
Require that the first half of the key, when concatenated with a known value, hashes down to the second half of the key. Better, but the program still contains all the information needed to generate keys as well as to validate them. Generate keys by encrypting (with a private key) a known value + nonce. This can be verified by decrypting using the corresponding public key and verifying the known value.
The program now has enough information to verify the key without being able to generate keys. These are still all open to attack: the program is still there and can be patched to bypass the check.
Cleverer might be to encrypt part of the program using the known value from my third method, rather than storing the value in the program. That way you'd have to find a copy of the key before you could decrypt the program, but it's still vulnerable to being copied once decrypted and to having one person take their legit copy and use it to enable everyone else to access the software. CD-Keys aren't much of a security for any non-networked stuff, so technically they don't need to be securely generated. If you're on.net, you can almost go with Guid.NewGuid. Their main use nowadays is for the Multiplayer component, where a server can verify the CD Key.
For that, it's unimportant how securely it was generated as it boils down to 'Lookup whatever is passed in and check if someone else is already using it'. That being said, you may want to use an algorhithm to achieve two goals:. Have a checksum of some sort. That allows your Installer to display 'Key doesn't seem valid' message, solely to detect typos (Adding such a check in the installer actually means that writing a Key Generator is trivial as the hacker has all the code he needs.
Not having the check and solely relying on server-side validation disables that check, at the risk of annoying your legal customers who don't understand why the server doesn't accept their CD Key as they aren't aware of the typo). Work with a limited subset of characters. Trying to type in a CD Key and guessing 'Is this an 8 or a B? A Q or an O or a 0?' - by using a subset of non-ambigous chars/digits you eliminate that confusion. That being said, you still want a large distribution and some randomness to avoid a pirate simply guessing a valid key (that's valid in your database but still in a box on a store shelf) and screwing over a legitimate customer who happens to buy that box. If you aren't particularly concerned with the length of the key, a pretty tried and true method is the use of public and private key encryption.
Essentially have some kind of nonce and a fixed signature. For example: 0089 Where 0001 is your nonce and 123456789 is your fixed signature. Then encrypt this using your private key to get your CD key which is something like: ABCDEF Then distribute the public key with your application. The public key can be used to decrypt the CD key 'ABCDEF', which you then verify the fixed signature portion of.
Beyond Compare 4 License Key
This then prevents someone from guessing what the CD key is for the nonce 0002 because they don't have the private key. The only major down side is that your CD keys will be quite long when using private / public keys 1024-bit in size. You also need to choose a nonce long enough so you aren't encrypting a trivial amount of information. The up side is that this method will work without 'activation' and you can use things like an email address or licensee name as the nonce. The key system must have several properties:. very few keys must be valid.
valid keys must not be derivable even given everything the user has. a valid key on one system is not a valid key on another. others One solution that should give you these would be to use a. Start with a 'system hash' (say grab the macs on any NICs, sorted, and the CPU-ID info, plus some other stuff, concatenate it all together and take an MD5 of the result (you really don't want to be handling if you don't have to)) append the CD's serial number and refuse to boot unless some registry key (or some datafile) has a valid signature for the blob. The user activates the program by shipping the blob to you and you ship back the signature.
Potential issues include that you are offering to sign practically anything so you need to assume someone will run a and/or attacks. That can be mitigated by checking the serial number provided and refusing to handle request from invalid ones as well as refusing to handle more than a given number of queries from a given s/n in an interval (say 2 per year) I should point out a few things: First, a skilled and determined attacker will be able to bypass any and all security in the parts that they have unrestricted access to ( i.e. Everything on the CD), the best you can do on that account is make it harder to get illegitimate access than it is to get legitimate access. Second, I'm no expert so there could be serious flaws in this proposed scheme.
There are also DRM behaviors that incorporate multiple steps to the process. One of the most well known examples is one of Adobe's methods for verifying an installation of their Creative Suite. The traditional CD Key method discussed here is used, then Adobe's support line is called.
The CD key is given to the Adobe representative and they give back an activation number to be used by the user. However, despite being broken up into steps, this falls prey to the same methods of cracking used for the normal process. Download ryona games. The process used to create an activation key that is checked against the original CD key was quickly discovered, and generators that incorporate both of the keys were made. However, this method still exists as a way for users with no internet connection to verify the product. Going forward, it's easy to see how these methods would be eliminated as internet access becomes ubiquitous. All of the CD only copy protection algorithms inconvience honest users while providing no protection against piracy whatsoever. The 'pirate' only need to have access to one legitimate cd and its access code, he can then make n copies and distribute them.
Beyond Compare License Key
It does not matter how cryptographically secure you make the code, you need to supply this with the CD in plain text or an legitimate user cannot activite the software. Most secure schemes involve either the user providing the software supplier with some details of the machine which will run the software (cpu serial numbers, mac addresses, Ip address etc.), or, require online access to register the software on the suppliers website and in return receive an activitation token. The first option requires a lot of manual administration and is only worth it for very high value software, the, second option can be spoofed and is absolutly infuriating if you have limited network access or you are stuck behind a firewall. On the whole its much easier to establish a trust relationship with your customers!